Vulnerability Details CVE-2022-30688
needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.5%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
- http://www.openwall.com/lists/oss-security/2022/05/17/9
- https://github.com/liske/needrestart/commit/e6e58136e1e3c92296e2e810cb8372a5fe0dbd30
- https://github.com/liske/needrestart/releases/tag/v3.6
- https://lists.debian.org/debian-lts-announce/2022/05/msg00024.html
- https://lists.debian.org/debian-security-announce/2022/msg00105.html
- https://www.debian.org/security/2022/dsa-5137
- https://www.openwall.com/lists/oss-security/2022/05/17/9
- http://www.openwall.com/lists/oss-security/2022/05/17/9
- https://github.com/liske/needrestart/commit/e6e58136e1e3c92296e2e810cb8372a5fe0dbd30
- https://github.com/liske/needrestart/releases/tag/v3.6
- https://lists.debian.org/debian-lts-announce/2022/05/msg00024.html
- https://lists.debian.org/debian-security-announce/2022/msg00105.html
- https://www.debian.org/security/2022/dsa-5137
- https://www.openwall.com/lists/oss-security/2022/05/17/9
Products affected by CVE-2022-30688
-
cpe:2.3:a:needrestart_project:needrestart:0.8
-
cpe:2.3:a:needrestart_project:needrestart:0.9
-
cpe:2.3:a:needrestart_project:needrestart:1.0
-
cpe:2.3:a:needrestart_project:needrestart:1.1
-
cpe:2.3:a:needrestart_project:needrestart:1.2
-
cpe:2.3:a:needrestart_project:needrestart:2.0
-
cpe:2.3:a:needrestart_project:needrestart:2.1
-
cpe:2.3:a:needrestart_project:needrestart:2.10
-
cpe:2.3:a:needrestart_project:needrestart:2.11
-
cpe:2.3:a:needrestart_project:needrestart:2.2
-
cpe:2.3:a:needrestart_project:needrestart:2.3
-
cpe:2.3:a:needrestart_project:needrestart:2.4
-
cpe:2.3:a:needrestart_project:needrestart:2.5
-
cpe:2.3:a:needrestart_project:needrestart:2.6
-
cpe:2.3:a:needrestart_project:needrestart:2.7
-
cpe:2.3:a:needrestart_project:needrestart:2.8
-
cpe:2.3:a:needrestart_project:needrestart:2.9
-
cpe:2.3:a:needrestart_project:needrestart:3.0
-
cpe:2.3:a:needrestart_project:needrestart:3.1
-
cpe:2.3:a:needrestart_project:needrestart:3.2
-
cpe:2.3:a:needrestart_project:needrestart:3.3
-
cpe:2.3:a:needrestart_project:needrestart:3.4
-
cpe:2.3:a:needrestart_project:needrestart:3.5
-
cpe:2.3:o:debian:debian_linux:10.0
-
cpe:2.3:o:debian:debian_linux:11.0
-
cpe:2.3:o:debian:debian_linux:9.0